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Having thus described the invention, what is claimed as new and secured by 
Letters Patent is: 

1 . A data network management system for identifying unauthorized 
5 access to a data network service, provided at a service node in a data 

network, by a user node in said data network, said system comprising: 

a data communication means for communicating with an agent at 

said service node and for retrieving a user access list from said agent, said' 

user access list including at least one data network address corresponding to 
10 at least one user node in said data network; 

a database for maintaining an authorized access list for said 

service node; and 

a data processing means for comparing said user access list to 

said authorized user access list and for updating said authorized user access 
1 5 list said authorized user access list being maintained in said database, an 

updated authorized user access list based on an updated user access list for 

said agent 

2. A data network management system as defined in claim 1 , 
20 wherein said agent is a Simple Network Management Protocol agent 

' 3. A data network management system as defined in claim 1 , 

wherein said data communication means is a Simple Network Management 
Protocol communication means. 

25 

4. A data network management system as defined in claim 1 , further 

including means for installing an agent at said service node, said agent having 
means to communicate with said data communication means. 

30 5. A method for identifying unauthorized access to a data network 

service, provided at a service node in a data network, by a user node in said 
data network, of steps comprising: 
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a) retrieving a user access list, for a given period of time, from an 
agent at said service node in said data network; 

b) comparing said user access list to an authorized access list; 

c) determining an unauthorized access based on said comparison 

5 step b); 

d) if unauthorized access determined in step c), initiating a 
notification process. 

6. A method as defined in claim 5, further including a step of updating 
1 0 said authorized access list based on an updated user access list provided by 

said agent. 

7. A method as defined in claim 5, further including a step of 

■ installing said agent at said user node, prior to retrieving said user access list 
1 5 in step a). 

8. A method as defined in claim 5, further including a step of 
selecting said service node for identification based on a predetermined criteria, 
prior to retrieving said user access list in step a). 

20 

9. A method as defined in claim 5, wherein said notification process 
further including a step of notifying a Network Operations Console. 

1 0. A method as defined in claim 5, wherein steps a) through c) are 
25 repeated, and wherein said user node is selected from one of a plurality of 

user nodes in said data networic 

11. A method as defined in claim 5, wherein steps a) through d) are 
repeated, and wherein said user node is selected from one of a plurality of 

30 user nodes in said data networic 

12. A method as defined in claim 5, wherein said agent is a Simple 
Network Management Protocol agent 
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13. A computer-readable medium having stored thereon, computer- 
readable and computer-executable instructions which, when executed by a 
processor, cause said processor to perform steps comprising: 

5 a) retrieving a user access list, for a given period of time, from an 

agent at a service node in a data network; 

b) comparing said user access listto an authorized access list; 

c) determining an unauthorized access based on the comparison 

step b); 

10 d) if unauthorized access determined in step c), initiating a 

notification process. . 

14. A computer-readable medium as defined in claim 1 3, further 
containing computer-readable and computer-executable instructions which 

1 5 perform a step of updating said authorized access list based on user access 
information. 

15. A computer-readable medium as defined in claim 1 3, further 
containing computer-readable and computer-executable instructions which 

20 • perform a step of installing said agent at said user node, prior to retrieving said 
user access list in step a). 

1 6. A computer-readable medium as defined in claim 1 3, further 
containing computer-readable and computer-executable instructions wherein 

25 said steps a) through c) are.repeated, and wherein said user node is selected 
from one of a plurality of user nodes in-said data network. 

17. A computer-readable medium as defined in claim 1 3, wherein said 
agent is a Simple Network Management Protocol agent 

30 

18. In a computer for use in a data network, said computer comprising: 

a storage means; 

a central processing unit; 
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a data communication means for communicating with an agent at 
a service node and for retrieving a user access list from said 
agent, said user access list including at least one data network 
address corresponding to at least one user node in said data 
5 network; 

said storage means having a database for maintaining an 
authorized access list for said service node; and 

a data processing means for comparing said user access list to 
said authorized user access list and for updating said authorized 
1 o user access list, said authorized user access list being 

maintained in said database, an updated authorized user access 
list based on an updated user access list for said agent. 
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